Give System Admins Option if Trusted Sender Fails SPF
Idea shared by Scott Hendrickson - 10/26/2021 at 3:56 PM
As of at least build 7906, if a message comes in that fails SPF, even if it's from a trusted domain, it gets sent to junk anyway.  This has created multiple support calls that could have been avoided if, as a system admin, I had the option to change that setting at the domain level.  While I agree that DNS for all domains should have properly configured SPF records that explicitly authorize all applicable sending IPs, the fact is that some simply do not.  Perhaps a company changed or added vendors but forgot to update its DNS, who knows.  What I do know is that when my clients put a normal email address or domain into their Trusted Senders/Domains list, they fully expect it will no longer be sent to junk.  

Rather than hard coding this setting, please give SmarterMail system admins the ability to change it at the domain level.  This could save us a good bit of support time trying to explain why clients' Trusted Senders/Domains lists are not working as expected.  

Scott Hendrickson
SOS4Net, Inc.
Centennial, CO. U.S.A.

1 Reply

Reply to Thread
Kyle Kerst Replied
Employee Post
Scott, one thing you can do is create a "reverse-spam-check" if that makes sense! If you know a particular domain is trusted, and yet continues to fail SPF, you can add a custom spam check that adds a weight of -99 when the return-path includes the trusted domain name. This should override any spam association with that message. Please be sure to set it up on the return-path rather than the from header though, otherwise this could be compromised to send your users spam. I hope this helps!
Kyle Kerst
System/Network Administrator
SmarterTools Inc.
(877) 357-6278

Reply to Thread